Latest news and events related to Data Protection
1 February 2016
Notice to Produce – DIFC Commissioner of Data ProtectionDownload
26 October 2015
The DIFC Commissioner of Data Protection issues guidance on adequacy status relating to US Safe Harbor Recipients.Download
30 November 2014
Protection of Commercial Data – Good Risk Management StrategiesDownload
2 November 2014
DIFC OUTREACH SESSION: IS YOUR DATA PROTECTED?
The Office of the Commissioner of Data Protection invites you to attend an outreach session in Data Protection in DIFC.
During the session, the speakers will address the following matters:
- Data-related due diligence on potential vendors;
- Overview of contractual mechanisms for protecting commercial data.
- Recent legal, regulatory and policy changes affecting enterprise data management.
- Use of off shore based Processors, ie. cloud storage providers, off-shore ethics hotlines, off-shore sanctions screening services etc.
The event is supported by Al Tamimi & Company and Simmons & Simmons LLP.
- 2:15 Arrival coffee and networking
- 2:30 Welcome note from the DIFC Commissioner of Data Protection, Ms. Raja Al Mazrouei
- 2:40 Protection of Commercial Data - Good Risk Management Strategies - Madonna Kobayssi, Associate, Technology, Media & Telecommunications, Simmons & Simmons LLP
- 3:00 - 3:10 Q&A session
- 3:10 Using Off-Shore Based Processors - Case Studies - Nick O'Connell, Senior Associate, Technology, Media & Telecommunications, Al Tamimi & Company
- 3:30 - 3:40 Q&A session
- 3:40 Overview – Supervision & Enforcement - Camelia Quinnell, Director -Data Protection, DIFC Authority
- 4.00 - 4:10 Q&A session
- 4:10 - 4:20 Outreach session Q&A
- 4:20 Event closes
- Date: 30 November 2014
- Location: DIFC Conference Center
- For registration please click here
Who should attend:
Compliance officers, senior officers of DIFC companies with an interest in the area of Data Protection, legal advisors advising on data protection matters in the DIFC.
3 August 2014
Raja Al Mazrouei, Commissioner of Data Protection, was appointed by Presidential Resolution on 3rd August 2014. In her capacity as the Commissioner of Data Protection, Raja is responsible for ensuring the fulfillment of the objectives of the Office of the Commissioner of Data Protection and administering the Data Protection Law and Regulations.
The General Data Protection Regulation (GDPR) is a European Union (EU) law that updates how entities that collect and use personal data may process it transparently, lawfully and fairly. Personal data is anything that can identify an individual. This new law provides such individuals with stronger rights to access their own personal data as well as to submit requests object, rectify or erase their personal data. It will become enforceable on May 25, 2018, meaning that EU regulators can from that date investigate whether a business is compliant with the law and, if not, take legal action accordingly.
While the current DIFC law, Data Protection Law DIFC Law No. 1 of 2007, remains fully in force, please note that the GDPR is very broadly applicable, including to certain operations of the DIFC itself as well as the entities that are registered in the DIFC. If you are unsure of whether it applies to your business and the personal data it handles, you may wish to seek external legal advice to ensure your business does not run afoul of the GDPR and its potentially heavy fines. The DIFC Commissioner of Data Protection does not provide legal advice, but may provide guidance including how it affects the DIFC or whether it is compatible with current DIFC law. Please see the DIFC Online Data Protection Policy for further information on how DIFC manages personal data.
Jacques Visser, Commissioner of Data Protection, was appointed by Presidential Resolution on July 2016. In his capacity as the Commissioner of Data Protection, Jacques is responsible for ensuring the fulfillment of the objectives of the Office of the Commissioner of Data Protection and administering the Data Protection Law and Regulations.
31 December 2013
The Commissioner of Data Protection issues the Guide to Data Protection Law, DIFC No.1 of 2007 and Data Protection Regulations. To download the guide, visit the Data Protection Document Library.
1 September 2013
The Commissioner of Data Protection issues a Direction to Fulcrum Capital Dubai Limited pursuant to the powers granted to her under Article 33 of the Data Protection Law No.1 of 2007 as amended from time to time.Download
12 May 2013
DIFC OUTREACH SESSION: DATA PROTECTION IN THE DIFC & THE REGION
Data Protection Law in DIFC exists to strike a balance between the rights of individuals to privacy and the ability of organisations to use data for the purposes of their business.
Venue: DIFC Conference Centre
Data Protection Law in DIFC exists to strike a balance between the rights of individuals to privacy and the ability of organisations to use data for the purposes of their business. The Commissioner of Data Protection will host an outreach session in Data Protection. The seminar will focus on the amendments to the Data Protection Law 2007 (Law) that came into effect in December 2012, and the main obligations imposed on data controllers under the Law. The event is supported by Allen & Overy, Al Tamimi & Co., Clifford Chance and Norton Rose.
- 8:30 Arrival coffee and networking
- 9:00 An introduction to the DIFC Data Protection Law 2007 and its amendments introduced in December 2012 - Roberta Calarese, Commissioner of Data Protection & Camelia Quinnell, Legal Counsel, DIFC Authority
- 9:20 An overview of the eight data protection principles - Tom Butcher, Counsel, Allen & Overy and Andrew Kenning, Senior Associate, Allen & Overy
- 9:40 - 9:50 Q&A session
- 9:50 Sharing data with regulators - Graham Lovett, Partner, Clifford Chance & Jodi Griffiths, Lawyer, Clifford Chance
- 10:10 - 10:20 Q&A session
- 10:20 Responding to data breaches - Dino Wilkinson, Partner, Norton Rose
- 10:40 - 10:50 Q&A session
- 10:50 A general overview of the data protection in the region (UAE, Qatar, Oman etc.) - Nick O’Connell, Senior Associate, Al Tamimi & Co.
- 11:10 - 11:20 Q&A session
- 11:30 Event closes
Who should attend
Compliance officers, senior officers of DIFC companies with an interest in the area of Data Protection, legal advisors advising on data protection matters in the DIFC
23 December 2012
The Commissioner of Data Protection introduces amendments to the Data Protection Law
The Commissioner of Data Protection announces today that His Highness Sheikh Mohammed Bin Rashid Al Maktoum, in his capacity as the Ruler of Dubai, has enacted the Data Protection Law Amendment Law (DIFC Law No. 5 of 2012).
The amendments to the Data Protection Law seek to provide greater legal certainty by addressing a number of deficiencies and practicalities which have been identified since the establishment of the DIFC in 2004. The rational for the proposed amendments was fully presented in the consultation paper which is available on the DIFC Data Protection website
Consultation Paper No. 3 of 2011 on the Data Protection Law
The Data Protection Amendment Law 2012 was enacted and will come into force on Sunday 23rd December 2012, and is available on the DIFC Data Protection website.
The Board of Directors of the DIFC Authority also made regulations under the Data Protection Law. These Regulations shall come into force on 23rd December 2012 and are available on the DIFC Data Protection website.
15 December 2011
The Commissioner of Data Protection has posted the Data Protection Law & Regulations for 30 days of public consultation. To view the consultation papers, visit the Legal Database and search for Past Consultation Papers